/** * Function creates the login session entry to the database * TODO: Function does not produce any nice exceptions */ protected function create_login_session(array $tokens, $clientip = null) { if (is_null($clientip)) { if (isset($_SERVER['REMOTE_ADDR'])) { $clientip = $_SERVER['REMOTE_ADDR']; } else { // No place like home $clientip = '127.0.0.1'; } } if (!$this->do_midgard_login($tokens)) { return false; } // Create session to DB midgardmvc_core::get_instance()->authorization->enter_sudo('midgardmvc_core'); $session = new midgardmvc_core_login_session(); $session->userid = $this->user->guid; $session->username = $tokens['login']; if (isset($tokens['password'])) { $session->password = $this->_obfuscate_password($tokens['password']); } if (isset($tokens['authtype'])) { $session->authtype = $tokens['authtype']; } $session->clientip = $clientip; $session->timestamp = time(); $session->trusted = $this->trusted_auth; // for trusted authentication if (!$session->create()) { midgardmvc_core::get_instance()->authorization->leave_sudo(); midgardmvc_core::get_instance()->context->get_request()->set_data_item('midgardmvc_core_services_authentication_message', midgardmvc_core::get_instance()->i18n->get('authentication session creation failed', 'midgardmvc_core')); return false; } midgardmvc_core::get_instance()->authorization->leave_sudo(); $result = array('session_id' => $session->guid, 'user' => $this->user->guid); $this->current_session_id = $session->guid; // By default the session expires when browser is closed $expire_session = 0; if (isset($_POST['remember_login'])) { $expire_session = time() + 24 * 3600 * 365; } $this->session_cookie->create_login_session_cookie($session->guid, $this->user->guid, $expire_session); return $result; }
/** * Function creates the login session entry to the database * TODO: Function does not produce any nice exceptions * * @param username * @param password * @clientip determined automatically if not set */ private function create_login_session($username, $password, $clientip = null) { midgardmvc_core::get_instance()->authorization->enter_sudo('midgardmvc_core'); if (is_null($clientip)) { if (isset($_SERVER['REMOTE_ADDR'])) { $clientip = $_SERVER['REMOTE_ADDR']; } else { // No place like home $clientip = '127.0.0.1'; } } if (!$this->do_midgard_login($username, $password)) { return false; } $session = new midgardmvc_core_login_session(); $session->userid = $this->user->guid; $session->username = $username; $session->password = $this->_obfuscate_password($password); $session->clientip = $clientip; $session->timestamp = time(); $session->trusted = $this->trusted_auth; // for trusted authentication if (!$session->create()) { // TODO: Add some exception? return false; } $result = array('session_id' => $session->guid, 'user' => &$user); $this->current_session_id = $session->guid; if (isset($_POST['remember_login'])) { $this->session_cookie->create_login_session_cookie($session->guid, $this->user->guid, time() + 24 * 3600 * 365); } else { $this->session_cookie->create_login_session_cookie($session->guid, $this->user->guid); } midgardmvc_core::get_instance()->authorization->leave_sudo(); return $result; }